ff085ffd660aea41998bc8ed08ceefa8_JaffaCakes118

General

Target

ff085ffd660aea41998bc8ed08ceefa8_JaffaCakes118
Size

272KB
MD5

ff085ffd660aea41998bc8ed08ceefa8
SHA1

2fdeb9b4cb04792db521519ba9d8d0325af86c8b
SHA256

a490adcdef81a8fc2d05470016c91f17e2e1680540ac1264ec36d5eefb3c9310
SHA512

69804d71fb812b01b24fdaa13a5f8498b04f653f26f26ecf8b3519e47242a1105fc4378e15579380bb9a34d7d87a9c759180522f35040dd65f2ef1e8a3b922d3
SSDEEP

3072:OUoDUltz9NsFwfzH7OuJnr0HrUs7iZmqF3mZ3SYHnEQQY8f2BqEExwNqJjH0hGz+:r9NCwfzhJnYSUqFWBPmuBqEo6GzgS/u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff085ffd660aea41998bc8ed08ceefa8_JaffaCakes118

Files

ff085ffd660aea41998bc8ed08ceefa8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09ce5d7bc6cbaafb95c5fb797277b940

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
HeapSize
GetStringTypeA
LoadLibraryA
RtlUnwind
Sleep
InitializeCriticalSection
GetStringTypeW
GetModuleFileNameW
HeapAlloc
GetCommandLineA
HeapFree
GetVersionExA
GetProcessHeap
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetLastError
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
MoveWindow
PostQuitMessage
DestroyWindow
DialogBoxParamA
DefWindowProcA
SendMessageA
EndDialog
CreateWindowExA
SetFocus
ShowWindow
UpdateWindow

gdi32

SetBkColor
SetTextColor
CreateFontA
CreateSolidBrush

advapi32

SetFileSecurityW

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09ce5d7bc6cbaafb95c5fb797277b940

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 224KB - Virtual size: 222KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 224KB - Virtual size: 222KB